Databases Reference
In-Depth Information
Don't use the original data (or use it as little as possible). Wherever
possible, you should make copies of the original data and examine/
analyze the copies. These copies must be made in a way that can be
authenticated as being equal to the original data.
Account for any changes made to the evidence. If you need to reboot
systems, remove temporary files, or any such activity, make sure you
document exactly what was done and why it was done.
Comply with rules that investigators must follow when handling and
examining evidence.
Do not proceed with an investigation if it is beyond your level of
knowledge and skill.
2.10
Summary
In this chapter you got a brief glimpse into the broad and complex world of
information security. You learned about firewalls, IDSs, IPSs, VPNs, inci-
dent management, PKI, and so on. This overview is important because it
can help you understand how your database security strategy will fit in with
the broader strategy of information security. It will also help you ask ques-
tions related to what is already implemented, what problems it can address,
and where the broad strategy is lacking (so that you can address it within
your database security strategy). By understanding technologies and termi-
nologies, you can better align yourself and integrate with information secu-
rity groups, processes, and procedures.
After the brief overview of database security in Chapter 1 and the
review of the information security landscape, the context is set. Let's move
on to a detailed discussion of database security and auditing techniques.
Search WWH ::
Custom Search